RUM Concerns and Trends

Watching end user activity does present some concerns and pitfalls
to watch out for, from privacy to portability and beyond. We’ve already
considered many of the privacy concerns in the section on WIA, so be sure
to check there for details on data collection.

Cookie Encryption and Session Reassembly

Some websites store session attributes in encrypted
cookies. Unfortunately, obfuscating personally identifiable information
may make it hard to reassemble a user’s visit or to identify one user
across several visits. Whenever the visitor changes the application
state (for example, by adding something to a shopping cart) the entire
encrypted cookie changes.

Your development team should separate the things you need to hide
(such as an account number) from the things that you don’t (such as a
session ID). Better yet, store session state on the servers rather than
in cookies—it’s safer and makes the cookies smaller, improving
performance. This is particularly true if your sessionization relies on
the information in that cookie.

Privacy

RUM tools may extract content from the page to add
business context to a visit record. While this is less risky than
collecting an entire page for replay (as we do in some WIA tools), you
still need to be careful about what you’re capturing.

When you implement your data collection strategy, you should ensure that someone with legal authority has reviewed it. In particular, pay attention to POST parameters, URI parameters, and cookies. You’ll ...

The best content for your career. Discover unlimited learning
on demand for around $1/day.